General

  • Target

    AnyDesk.exe

  • Size

    5.1MB

  • Sample

    240710-zxhmlssdmd

  • MD5

    d11cfd20a46e4e671d95f0c10bf67b41

  • SHA1

    b58f48305747847b1a7e921a8fda2da6eba6d08d

  • SHA256

    9301f6668a60613ea24505b0de6bc59b0e98b9f68a5c8a990c60ca076012d528

  • SHA512

    f72e098e6a7ad07d36bcfc4cbe2e5ec33ab93606e3d40d122781e3973d7f8c3ac629ef7b33fa3d6e43b25c80c37e674a7c6eb338062b7cced779b5cc240bd8ba

  • SSDEEP

    98304:lKie3Zkgwsf2PJ3SpOrt4Xc4rpKU4xzFtYygtS3fv6t1QPF8U:o3Zzwsf2PJ3SkxWcVpR2S3fv6t1W

Targets

    • Target

      AnyDesk.exe

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15